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PATENT 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 
PETITION FOR EXTENSION OF TIME 
FROM THE NOTICE OF APPEAL 

/ hereby certify that this correspondence is being deposited uiith tlie U.S. Postal Service 
as first class mail in an envelope addressed to Commissioner ofPatentaand Trademarks, 
Washington, D.C. 20231 on November 22, 2002. 




Applicant. 
Application No. 
Filed 
Title 



Koichiro Ekudome, et al. 

09/295,966 

April 21, 1999 

USER SPECIFIC AUTOMATIC DATA REDIRECTION SYSTEM 



Grp./Div 
Examiner 



3621 

Pierre Eddy Elisca 



Docket No. 



34503/WWM/A522 



Assistant Commissioner for Patents 
Washington, D.C 20231 



Post Office Box 7068 
Pasadena, CA 91109-7068 
November 22, 2002 



Commissioner: 



Applicant petitions the Commissioner to extend the time for response to the Notice of Appeal 
filed April 12, 2002 and made under 37 CFR § 1. 136(a) for one month(s) from Octoher 22, 2002 
to November 22, 2002. 

The fee for extension of time required by 37 CFR § 1.17 is calculated below. 



FEE CALCULATION 




LENGTH OP EXTENSION 


SMALL ENTITY 


LARGE ENTITY 


FEE 


WITHIN FIRST MONTH 


S 55 


$110 




WITHIN SECOND MONTH. 


$200 


$400 


$ 


WITHIN THIRD MONTH 


$460 


$920 


$ 


WITHIN FOURTH MONTH 


$720 


$1440 


$ 
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WITHIN FIFTH MONTH 


$980 


$1960 


$260.00 






(difference 








belween the 








fourth and fifth 








month extension 








fees - 4 th 








extension was 








filed on October 








22 f 2002) 



Submitted herewith is a check for $260.00 to cover the cost of the extension. 

The Commissioner is hereby authorized to charge any fees under 37 CPR 1.16 and 1. 17 which 
may be required by this paper to Deposit Account No. 03-1728. Please show our docket 
number with any charge or credit to our Deposit Account. A copy of this letter is enclosed. 

Respectfully submitted, 
CHRISTIE, PARKER & HALE, LLP 




Wesle^W. Monroe 
Reg. No. 39.778 
626/795-9900 



WWM/eaj 
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PATENT 



IN THE UNITED STATES PATENT AND TRADEMARK OFFICE 

I hereby certify that this correspondence is being deposited with the U.S. Postal Service as 
first class mail in an envelope addressed to Commissioner of Patents and Trademarks, 
Washington* D.C. 20231 on November 22 1 2002. 




Applicant 
Application No. 
Filed 
Title 

Grp./Div. 
Examiner 



Koichiro Ikudome, et al. 

09/295,966 

April 21 , 1999 

USER SPECIFIC AUTOMATIC DATA 

REDIRECTION SYSTEM 

3621 

Pierre Eddy Elisca 



Docket No. 



34503AVWM/A522 



SUBMISSION OF APPELLANT'S BRIEF 
TO THE BOARD OF PATENT APPEALS AND INTERFERENCES 



Post Office Box 7068 

Assistant Commissioner for Patents Pasadena, CA 91 101-7068 

Washington, D,C. 2023 1 November 22, 2002 

Commissioner; 

Enclosed for filing are the original and two copies of Appellant's Brief for this application. 

_X .__ An extension of time to file Appellant's Brief is requested, and a Petition for Extension 

of Time and the applicable fee are enclosed. 
X Our check for $160.00 to cover the fee for the appeal brief is enclosed. 

An oral hearing of the appeal is requested, and our check for %, the fee for the oral 

hearing, is enclosed. 

The Commissioner is hereby authorized to charge any further fees under 37 CFR 1.16 and 1.17 
which may be required by this paper to Deposit Account No. 03-1728. Please show our docket 
number with any charge or credit, to our Deposit Account. A copy of this letter is enclosed. 

Respectfully submitted, 

CHRISTIE, PARKER & HALE, LLP 



By 




Wesley W. Monroe 
Reg. No. 39,778 
626/795-9900 

WWM/eaj 
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Docket No. 
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APPELLANT'S BRD3F 



Assistant Commissioner for Patents 
Washington, D.C. 20231 



Post Office Box 7068 
Pasadena, CA 91109-7068 
November 22, 2002 



Com m issioner: 

This is an appeal from the Final Rejection, dated October 12, 2001 , of the claims in the 
above-referenced application. 

1. REAL PARTY IN INTEREST 

Tho real party in interest, is the assignee of the subject application, Auric Web Systems. 

2. RELATED APPEALS AND INTERFERENCES 
There are no related appeals or interferences. 

3. STATUS OF CLAIMS 

Claims 1-29 are pending in the present application. 

Claims 1-29 have been rejected in a final rejection, dated October 12, 2001 under 35 
U.S.CJ 102(h). 
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Tho claims on appeal are claims 1-29. 
4. STATUS OF AMENDMENTS 

Appellants submitted additional remarks in a response to the final rejection. Tins 
response did not. amend any claims. The response was not detuned to overcome the rejections. 
See, Paper 14, dated October 22. 2002. There are no outstanding, unentered amendments. 
6. SUMMARY OF INVENTION 

Tbe invention is an improved database system and method for redirecting and filtering 
Internet traffic. Appellants' Specification (hereinafter "Specification"), 1:10-1.1 (parages are 
indicated by pagedine). One embodiment of the invention relates to a system and method 
including a database 206 1 with entries correlating each of a plurality of user IDs with an 
individualized rule set. A dial-up network server 102 receives user IDs from users' computers 
100, and a redirection server 208 is connected to the dial-up network server 102 and a public 
network 1 10. An authentication accounting server 204 is connected to the database 206, the 
dial-up network server 102 and the redirection servor 208. Tho dial-up network server 102 
communicates a first user ID for one of the users* computers 100 and temporarily assigned 
network address for the first user ID to the authentication accounting server 204. The 
authentication accounting server 204 accesses the database 206 and communicates the 
individualized rule set that correlates with the first user ID and the temporarily assigned 
network address to the redirection server 208. Specification, 4:8-13. Data directed toward 
the public network 1 1 0 from one of the users' computers 1 00 are processed by the redirection 
server 208 awarding the individualized rule set. Specification, 3:30-4:7. 

One embodiment of the invention also redirects the data to and from the users 
computers as a function of the individualized rule set. Specification, 3:26-28. In another 
embodiment, at least, a portion of the rule set for a temporarily assigned notwork address? is 
automatically modified or at least a portion of the rule set is modified while that rule set 
remains correlated to the temporarily assigned network address. Specificatum, 3:28-30. 



'All numerals refer to FIG. 2. 
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6. ISSUES 

(1) Whether claims 1-29 are unpatentable under 35 U.S.C. § 102(b) over Horowitz, etal. 
(WO 96/05549). 

7. GROUPING OF CLAIMS 

For purposes of this appeal, the claims are grouped as follows and for the purposes of this 
appeal only, the claims within each group stand and fall together. The claims consist of four 
independent claims, claims 1, 8, 15, and 26. Claims 1 and 15 claim systems and claims 8 and 
26 claim methods corresponding to those systems. For determining anticipation within the 
meaning of 35 U.S.C. § 102(b), the groups are: 

Gwmp 1 - 1-4. 7-11, 14 

Group II -5-6, 12-13 

Group III- 15-29 

8. ARGUMENT 

A. GROUP I 

Group I includes claims 1-4, 7-11 and 14. Independent claim 1 recites a system 
comprising a database with entries correlating each of a plurality of user IDs with an 
individualized rule set; a dial-up network server that receives user IDs from users' computers; 
a redirection server connected to the dial-up network server and a public network; and an 
authentication accounting server connected to the database, the dial-up network server and 
the redirection server, wherein the dial-up neLwork server communicates a first user ID for 
one of the users' computers and a temporarily assigned network address for the first user ID 
totbe authentication accounting server, wherein the authenticationaccoiuiting server accesses 
the database and communicates the individualized rule set that correlates with the first user 
ID and the temporarily assigned network address to the redirection server, and wherein data 
directed toward the public network from the one of the users' computers are processed by the 
redirection server according to the individualized rule set. 
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The Examiner has rejected independent, claim 1 under 35 U.S.C §102{b) as being 
anticipated by Horowitz. Horowitz is directed to a local network 2 remote access server. 
Horowitz, Abstract. Remote users, -such as telecommuters, can dial directly into a remote 
access server 3 that, checks the remote users' IDs and passwords against a database. Horowitz, 
3:15-28. The database also includes pre programed access filters indicating to which of the 
known devices connected to the local network (e.g., other computers, printers, etc.) the user 
can have access. Horowitz, 3:32-4:5. The remote access server can then allow or block the 
user from access to a particular device. 

Similar packet filtering is discussed in the Appellants' background section. Specifically, 
"packet filtering is very limited because it is static. Once packet filtering rule sets are 
programed into a firewall or other packet filter device, the rule set. can only be changed by 
manually reprogramming the device." Specificat.ion, 2:30-34. However, this disadvantage can 
be largely irrelevant on a local network because the devices and networks 4 on which the access 
filters fire based are relatively static and known by the notwork administrator. Horowitz 
teaches that the database is "m aintained by a network manager who has central control of and 
responsibility for the network 14 and the maintenance thereof." Horowitz, 8:31-9:2. Such 
control over a constantly changing public network, such as the Internet, is not feasible. 

A single prior art reference will anticipate a claim only if it expressly or inherently 
describes each and every limitation in the claim. Venbgaal Bros., Inc. v. Union Oil Co., 814 
F.JJd 628, 631 (Fed. Cir. 1987). Horowitz neither expressly nor inherently discloses every 
limitation of claim 1 . Specifically, Horowitz does not disclose the claim element, "wherein data 
directed toward the public network from the one of the users' computers are processed by the 
redirection server according to the individualized rule set." The entirety of the Examiner's 
grounds for rejection with respect to this element is that the element is "disclosed by Horowitz, 
in the abstract, specifically wherein it is stated that the server also includes processing 



'See, e.g., Horowitz, Abstract. 1:5-10 and 3:1-7. 
'See Horowitz, 4:6-23. 
*See Horowitz. 3:29-4:5. 

.A. 
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electronics which control the communication and network ports." See Final Office Action, p. 
3. In an advisory action/' the Examiner essentially repeated this ground stating: 

Applicant's representative argues that Horowitz does not fdisclo.se] any about 'a 
system that control a users access to a public network'.,. However, the Kxamincr 
respectfully disagrees because HorowiLz iu the Abstract, specifically wherein it is 
stated that processing [electronics] which control the communication... see office 
action mailed on 10/1272001. 

For a finding of anticipation, "the identical invention must be shown in as complete detail as 
is contained in the ...claim." Richardson o. Suzuki Motor Co., 868 F.2d 1226, 1236 (Fed. Cir. 
1989). However, nothing in the references passage from the Abstract cited by the Examiner 
discloses any data directed to a public network. 

Although not explicitly stated, the Examiner appears to be making an assumption that 
"communication and network ports" inherently direct data to a public network. First, 
Horowitz fails to inherently anticipate the claimed element "Inherent anticipation requires 
that the missing descriptive material is 'necessarily present/ not merely probably or possibly 
present, in the prior art." Trintec Indus., inc. ». Top-U.S„A. Corp., 295 F.Bd 1292, 1.295 (Fed. 
Cir. 2002). While it is true that it is possible to use "communication and network ports" to 
direct data to a public network, "communication and network ports" are oRon used in systems 
without directing data to a public network. For example, two stand alone computers directly 
connected over a telephone line with modems or two computers connected to each other in a 
simple LAN have "communication and network ports" controlled by processing electronics, but 
do not direct data toward a public network. Appellants therefore submit that the missing 
description of "directing data toward a public network" falls far short of being "necessarily 
present" in Horowitz, as is required by Trintec Indus., toe. u. Top-U.S.A. Corp. 

Second, Lhc specific "communication and network ports" disclosed in Horowitz do not 
expressly teach or surest anything about public networks or directing data to a public 
network. The "communication and network ports" in the Horowitz abstract cannot be read in 

*See 9 Paper No. 14, sent November 8, 2002. 
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Received from < 6265778800 > at 4/2103 5:56:08 PM [Eastern Standard Time] 



Sent By: Chistie, Parker & Hale; 6265778800; Apr-2-03 3:11PM; Page 11 



Application No. 09/295,966 

a vacuum. They must he read in the context of the Horowitz disclosure. The entirety of 
Horowitz that discusses these ports is as follows: 

Referring now to FIG. 4, in one embodiment the remote access server 16 includes 
electronics 38, a plurality of serial communication ports 40,-40 N , and a plurality of 
network ports 42 r 42 N . The server 16 also can include a plurality of internal modems 
44 r 44 N . The serial ports 40 and the network ports 42 are controlled by the electronics 
38. 

The electronics 38 include, in some embodiments, a powerful 16 MHz 68EC020 
microprocessor and memory such as up to 1 megabyte of battery backed-up static 
random access memory (SRAM) and possible 64 kilobytes in an erasable programmable 
read only memory (EPROM). 

Each of the aerial communication ports 40 is for coupling with a communication 
device (e.g„ the modem 26 of FIG. 1), or for coupling directly with the telephone lines 
22, to provide for communication with a remote computer (e.g. f the remote computer 12 
of FIGS 1 and 2) over the telephone lines 22. A connecting cable can be used to couple 
a aerial port 40 with the communication device or with the telephone lines. Each of the 
serial ports 40 can simultaneously be coupled to a different one of the plurality of 
remote computer* so as to provide simultaneous access to a local computer network for 
each of the remote computers, even if each of the remote computers employs a different 
protocol (e.g., IPX, TCP/IP, AppleTalk, NetBEUI, or 802.2/LLQ... 

Each of the network ports 42 is for coupling with a local computer network (e.g., the 
network 14 of FIGS. 1 and 2), via a connecting cable, to provide for communication with 
the network... In some embodiments, the server 16 includes three network ports 42, one 
for lOBaseT Ethernet, one for Thin Ethernet, and one for Thick Ethernet. In some 
other embodiments, the server 16 includes a single network port 42 for Token Ring. 
In some other embodiments, the server 16 includes a single network port 42 for use 
with Apple LocalTalk. 

Horowitz, 16:24-17;J4, 17:24-18:1 (emphasis added). As indicated in the emphasized portion 
of this disclosure, the "communications ports" provide communication with remote computers 
used to remotely access the network that includes the communication ports, not a public 
network- Similarly, the "network ports" are coupled to a local computer network, not a public 
network. Nowhere hi this discussion is there any teaching or suggestion of a public network 
or the "communication and network ports" being connected to one, and, in fact, the entire 
disclosure is expressly directed to only a private network. 
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As discussed above, the differences between public and private networks arc important. 
In private networks, such as in Horowitz, all of the resources and services are known. Private 
networks arc "maintained by a network manager who has central control of and responsibility 
for the network 14 and the maintenance thereof." Horowitz, 8:31-9:2. All of the resources and 
services are known. Additionally, since these networks are "private/' they are not accessible 
to the public. In a public network, the available resources and services are unknown and 
constantly changing, Horowitz states that an object of its access filter is to provide "security 
features" and "restrict access to the network on a per-user basis." Public networks are not 
secure and access is unrestricted. Because Horowitz fails to disclose the cited limitations 
either expressly or inherently. Appellants respectfully submit that claim 1 is not anticipated 
by Horowitz. 

Independent claim 8 recites a method that corresponds to the system recited in claim 
L Appellants respectfully submit that claim 8 and its dependent claims 9-14 are therefore 
patentable over Horowitz, Appellants respectfully request that the rejections to claims 8-14 
be withdrawn. 

For all of the reasons stated above, Appellants respectfully submit that claim 1, its 
dependent claims 2-7, claim 8 and its dependent claims 9- 1 4 are patentable over Horowitz and 
respectfully request that the rejection under §102 bo withdrawn. 

B. GROUP II . 

Group II includes claims 5-6 and 12-13, Claims 5-6 and 12-13 recite systems and 
methods that redirect data to and from the users' computers via the redirection server as a 
function of the individualized rule sot. The passages in//orow;?:tecitedby the Examiner do not 
teach or suggest this limitation. Instead, these passages relate to only blocking or allowing 
access to the private network, or particular devices on the private network. Horowitz, 
Abstract, 9:20*29. The Appellants can find no teaching or suggestion anywhere in Horowitz 
of directing the data to or from the user to an alternate location based on Lhe individualized 
rule set and the Examiner has not identified such teaching or suggestion. 

-7- 
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Appellants include an extensive discussion regarding redirection of data in their 
specification. Specification, 1:29-2:16. Redirection involves the server "directing" the user to 
another area of the network. If the user chooses on its own to try to access another, allowable 
area of the network, this is clearly not redirection by the server. Horowitz, therefore, does not 
disclose any server that redirects data, but rather only passively blocks or allows data. As this 
limitation is neither expressly or inherently present in Horowitz, Appellants respectfully 
request that the rejections to Group II be withdrawn. Additionally, Appellants submit that 
claims 5-6 and 12-13 arc dependent on patentable independent claims 1 and 8, respectively, 
and should therefore be allowed. The difference between passive blocking and allowing data 
and the redirection in this group of claims also makes these claims patontably distinct from 
the claims in Group I. because the claims in Group I would cover passive blocking and allowing 
data. 



C. GROUP III . 

Group III includes claims 15-29. Independent claim 15 recites a system comprising a 
redirection server programed with a user's rule set correlated to a temporarily assigned 
network address; wherein the rule set contains at least one of a plurality of functions used to 
control passing between the user and a public network; and wherein the redirection server is 
configured to allow automated modification of at least a portion of the rule set correlated to 
the temporarily assigned network address. 

The Examiner has rejected independent claim 15 under 35 U.S.C. §102(h) as being 
anticipated by Horowitz, As discussed in relation to Group I, above, Horowitz contains no 
express or inherent teaching or suggestion of a public network, or a rule set with functions 
used to control passing between the user and a public network. Appellants therefore 
respectfully submit that claim 15 and its dependent claims 1G-25 are allowable and request 
that their rejections be withdrawn. 

Additionally, Horowitz contains no teaching or suggestion of "automated modification 
of at least a portion of the rule set correlated to the temporarily assigned network address/' 
Although Appellant brought tho absence of this element to the Examiner's attention in every 

-8- 



Received from < 6265778800 > at 4/2/03 5:56:08 PM [Eastern Standard Time] 



t 



Sent By: Chistie, Parker & Hale; 



6265778800; 



Apr-2-03 3:12PM; 



Page 14/26 



Application No. 09/295,966 

communication, fi the Examiner has failed to cite any teaching or suggestion in Horowitz that 
meets this element or respond to Appellants argument in any way. Appellant respectfully 
submits that the Examiner has failed to .show that claims 1 S*25 are expressly or inherently 
anticipated hy Horowitz, and therefore requests that the rejections to these claims be 
withdrawn. The automated modification element also distinguishes the claims of Group III 
from the claims of Group I as even if the claims of Group T were anticipated by Horowitz^ there 
would be no anticipation of the Group 111 claims because Horowitz doss not disclose or suggest 
the automated modification element. 

Independent claim 26 recites a method that corresponds generally to the system recited 
in claim 15. Appellants respectfully submit that claim 2G and its dependent claims 27-29 are 
therefore patentable over Horowitz. Specifically, the Examiner has not cited any portion of 
Horwitz as disclosing "modifying at least a portion of the user's rule set while the user's rule 
set remains correlated to the temporarily assigned network address M Appellants respectfully 
request that the rejections to Group III be withdrawn. 

D. CONCLUSION . 

A single prior art reference will anticipate a claim only if it expressly or inherently 
describes each and every limitation in the claim. Verdegaal Bros., Inc. v. Union Oil Co., 814 
F.2d 628. 631 (Fed. Cir. 1987). Regarding Group I, the reference cited by the Examiner in 
support of his 35 U.S.C. § ) 02(b) rejection fails to expressly or inherently teach or suggest 
"wherein data directed toward the public network from the one of the users' computers arc 
processed by the redirection surver according to the individualized rule sot." Horowitz, in fact, 
contains no teaching or suggestion of a public network at all, and is expressly related to only 
a private network. Regarding Group II, the Examiner has failed to show any teaching or 
suggestion in Horowitz of "redirection of data to or from a user." Finally, regarding Group III, 
the Examiner has failed to show any teaching or suggestion in Horowitz of "modification of a 



°See.> Response to Office Action sent July 30, 2001 p. 7, Telephone conference of October 10, 
2002, and Response to Office Action sent October 22, 2002 p. 3. 
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rule set correlated to a temporarily assigned network address." In fact, the Examiner has 
offered no argument or reference related to this claim clement. Accordingly, the Examiner has 
failed to make out a prima facie case of anticipation and the issuance of a notice of allowance 
is appropriate. 



Respectfully submitted, 
CHRISTIE, PARKER & HALE, LLP 



By 




Wcsley^wTMonrop. 
Reg. No. 39,778 
626/795-9900 
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APPENDIX OF CLAIMS INVOLVED IN THE APPEAL 



A system comprising: 



a database witb ontries correlating each of a plurality of user IDs with an 
individualized rule set; 

a dial-up network server that reives user IDs from users' computers; 

a redirection server connected to the dial-up network server and a public network, and 

an authentication accounting server connected to the database, the dial-up network 
server and the redirection server; 

wherein the dial-up network server communicates a first user ID for one of the users' 
computers and a temporarily assigned network address for the first user ID to the 
authentication accounting server; 

wherein the authentication accounting server accesses the database and communicates 
the individualized rule set. that correlates with the first user ID and the temporarily assigned 
network address to the redirection server; and 

wherein data directed toward tho public network from the one of the users' computers 
are processed by the redirection server according to the individualized rule set. 

2. The system of claim 1, wherein the redirection server further provides control 
over a plurality of data to and from the users' computers as a function of the individualized 
rule set. 

3. The system of claim 1, wherein the redirection server further blocks the data 
to and from the users' computers as a function of the individualized rule set. 

4. The system of claim 1, wherein the redirection server further allows the data 
to and from tho users' computers as a function of the individualized rule set. 
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5. The system of claim 1, wherein the redirection server further redirects the data 
to and from the users' computers as a function of the in dividu aliased rule set. 

G. The system of claim 1, wherein the redirection server further redirects the data 
from the users' computers to multiple destinations as a function of the individualized rule set. 

7. The system of claim 1 , wherein the database entries for a plurality of the 
plurality of users' IDs are correlated with a common individualized rule set. 

8. Tn a system comprising a database with entries correlating each of a plurality 
of user TDs with an individualized rule set; a dial-up network server that receives user IDs 
from users' computers; a redirection server connected to the dial-up network server and a 
public network, and an authentication accounting server connected to the database, the dial- 
up network server and the redirection server, the method comprising the steps of: 

communicating a first, user ID for one of the users' computers and a temporarily 
assigned notwork address for the first user TD from the dial-up network server to the 
authentication accounting server: 

communicating the individualized ruleset that correlates with the first user ID and the 
temporarily assigned network address to the redirection server from the authentication 
accounting server; and processing data directed toward the public network from the one of 
the users' computers according to the individualized rule set. 

9. The method of claim 8, further including the step of controlling a plurality of 
data to and from the users' computers as a function of the individualized rule set. 

10. The method of claim 8, further including the step of blocking tbo data to and 
from the users' computers as a function of the individualized rule set. 
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11. The method of c:l aim 8, further including the step of allowing the data to and 
from the users computers as a function of the individualized rule set. 

L2. The method of claim 8, further including the step of redirecting the data to and 
from the users' computers as a function of the individualized rule set, 

1 8. The method of claim 8, further including the step of redirecting the data from 
the users' computers tu multiple destinations a function of the individualized rule set. 

14. The method of claim 8. further including the step of creating database entries 
for a plurality of the plurality of users' IDs, the plurality of users' ID further being correlated 
with a common individualized rule set. 

1 5. A system comprising: 

a redirection server programed with a user's rule sot correlated to a temporarily 
assigned network address; 

wherein the rule set contains at least one of a plurality of functions used to control 
passing between the user and a public network; and 

wherein the redirection server is configured to allow automated modification of at least 
a portion of the rule set correlated to the temporarily assigned network address, 

16. The system of claim 15, wherein the redirection server is configured to allow 
modification of at least a portion of the rule set as a function of time. 

1 7. The system of claim 15, wherein the redirection server i.s configured to allow 
modification of at least a portion of the rule set as a function of the data transmitted to or from 



the user. 
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18. The system of claim 15, wherein the redirection server is configured to allow 
modification of at least a portion of the rule set as a function of the location or locations the 
user access. 

19. The system of claim 15, wherein the redirection server is configured to allow 
modification of at least a portion of the rule set as a function of sonic* combination of time, data 
transmitted to or from the user, or location or locations the user access. 

20. The system of claim 15, wherein the redirection server is configured to allow the 
removal or reinstatement of at least a portion of the rule set as a function of time. 

21. The system of claim 16, wherein the redirection server is configured to allow the 
removal or reinstatement of at least a portion of the rule sot as a function of the data 
transmitted to or from the user. 

22. Tho system of claim 15, wherein the redirection server is configured to allow the 
removal or reinstatement of at least a portion of the rule set as a function of the location or 
locations the user access. 

23. The system of claim 15, wherein the redirection server is configured to allow the 
removal or reinstatement of at least a portion of the rule sot as a function of some combination 
of time, data transmitted to or from the user, or location or locations the user access. 

24. The system of claim 15, wherein the redirection server has a user side that is 
connected to a computer using the temporarily assigned network address and a network side 
connected to a computer network and wherein the computer using the temporarily assigned 
network address is connected to the computer network through the redirection server. 
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25. The system of claim 24 wherein instructions to tho redirection server to modify 
the rule sot are received by one or more of the user side of the redirection server and the 
network side of the rodirection server. 

2(i. Tn a system comprising a redirection server containing a user's rule set 
correlated to a temporarily assigned network address wherein the user's rule set contains at 
least one of a plurality of functions used to control data passing between the user and a public 
network; the method comprising the step of: 

modifying at least a portion of the user's rule set while the user's rule set remains 
correlated to the temporarily assigned network address in the redirection server. 

27. The method of claim 2(5, further including the step of modifying at least a 
portion of the user's rule set as a function of one or more of: time, data transmitted to or from 
the user, and location or locations (Jie user access. 

28. Tho method of claim 26, further including the Atop of removing or reinstating 
at least a portion of the users rule Ret as a function of one or more of: time, the data 
transmitted to or from the user and the location or locations the user access. 

29. The method of claim 26, wherein the redirection server has a user side that is 
connected to a computer usin^ the temporarily assigned network address and a network side 
connected to o computer network and wherein the computer using the temporarily assigned 
network address is connected to the computer network through tho redirection server and the 
method further includes the step of:. 

receiving instructions by the redirection server to modify at least a portion of tho user's 
rule set through one or more of the user side of the redirection server and the network side of 
the redirection server, 
WWM/rah 
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